Cryptocurrency Coin Cold Storage: Safe Offline Hardware Wallet?

With the popularization of Bitcoin in 2009, the sphere of cryptocurrencies has grown larger and stronger in recent times. People are now using these digital tokens more than ever, which are thanks to the advancement in computer software and systems, as well as rise in their adoption as means of payment. However, not all of the developments with cryptocurrencies have been positive. As the number of users for these coins has risen, so have criminals who intend to drain virtual wallets. Unfortunately, there are little regulatory frameworks for cryptocurrencies, which means that owners could be left out of luck in cases of fraud or theft.

So how can you protect these virtual assets from being taken away? And where is the best place to keep them? Bitcoins do not exist in the physical world, so you don’t need to worry about those being stolen. Rather, they are accessed through the use of private and public keys, which are kept in a digital wallet. This means that it is your wallet that you should keep an eye on, as well as your keys that need to be kept in a safe place.

The good news is that there are numerous ways that you can keep your wallet safe, with some of the most popular methods being encryption, backup, and cold storage; yet none offers guaranteed protection. Your first line of defense should be to encrypt your private key using a complicated password. The second step is to make a backup of your wallet file, as your computer could malfunction and take your crypto coins along with it.

In spite of the above precautions that you can take, your safest bet to secure your earnings involves taking them off the Internet entirely. This then prevents hackers from ever accessing your wallet, or your coins. The only downside to this approach is that it is less convenient, and more time consuming than making a simple backup or using a hot wallet service such as Coinbase. For this reason, cold storage is usually done only for when you have a substantial amount of coins that you wish to protect. Some people like keeping a small balance of coins in their online wallet for making micro purchases (like a checking account) and then move them into a cold storage (savings).

The method of splitting one’s crypto assets is used by exchanges that allow the trade of virtual coins. These platforms handle millions of dollars of transactions per day, which makes them a lucrative target for criminals. To minimize the loss following a breach, these platforms keep their customers reserves sealed in cold storage. The companies’ calculations keep just enough tokens for withdrawals.

Cold Storage Methods

As it is equally important for end users and platforms to safeguard their investments, there are a number of different methodologies that can be used. Some of these methods are free of charge (and happens to be the safest), while others involve paying upfront fees.

Paper Wallet

A paper cold storage wallet can protect your coins against criminals or a computer malfunction. This method involves printing your public and private keys on a bit of paper. As an additional feature, some paper wallets come with a scannable QR code for easy transactions. One of the downsides of using a paper wallet is that its safety becomes as valuable as the coins it gives access to. It’s also a good idea to make a backup of the wallet and encrypt its information for additional security.

A paper wallet for storing your cryptocurrencies could make the process of protecting your coins a simpler task. There are countless options available for keeping them safe with dozens of companies to choose from. While these platforms are becoming easier to use as virtual currencies become popularized, they are still seen as intimidating and complicated to most people. For this reason, most beginners to the crypto game opt for a paper wallet instead of the hardware or software solutions that more experienced traders use.

Paper Wallets are easy to use

Paper wallets are a more familiar option for people who are used to carrying around cash or credit cards with them in their daily lives. The fact that your credentials are printed and can be taken with you can afford a greater sense of security that other methods can’t. Most people who begin with a paper wallet gradually move towards “hot” storage environments such as online platform anyway, especially for those who make frequent transactions. This just goes to show that while online platforms are a useful tool, they are not needed for making purchases with virtual currencies.

Paper and the Bitcoin Network

One misconstrued idea that most beginners have about cryptocurrencies is that once they open their wallet account, it means they are always connected to the network to make transactions. This idea comes from an average person’s idea about the blockchain, yet this can be answered with a paper wallet. By using something tangible, this helps new users to differentiate between their wallet account and the network it is supposedly connected to. It also gives people a sense of physical ownership for their coins, as opposed to a number floating around somewhere in the blockchain. This fact is realized when they make their first transaction, as they learn that the blockchain is only relevant for sending and receiving coins, not storing it.

Tangible Security

It’s ironic that a paper wallet could be seen as an insecure method for keeping your coins, at least at first. But with security, human nature is the weakest link in any system. By keeping your credentials literally within arm’s reach, this puts the onus of security squarely on your shoulders. Although you could always lose your paper wallet if you are careless, this would be something that was entirely within your control.

Imagine what would happen if Coinbase was hacked. Millions of people trust Coinbase with their wallet files, as well as all of their coins. The platform’s entire user base could be left penniless, simply by putting their trust in a third party. This kind of disaster can’t happen if you use a paper wallet or other cold storage mechanism, as you are the only person responsible for its security and not someone else.

Some people may tell you that the threat of hacking can be mitigated through the use of secure wallet services such as Copay or Blockchain, yet this still does not address the issue of how their user’s private keys are being used. A person who is new to cryptocurrencies or security cannot read through the source code to see if their wallets or safe or not. This means that most users put blind faith into these services and can only hope that they know what they are doing.

Although paper wallets have the same security risks as credit cards, they are still one of the safest ways of storing large amounts of virtual currencies. These simple devices allow you to take complete responsibility to secure your private keys. They also protect your investments from computer malfunctions such as accidental deletions of theft. Finally, using a paper wallet still means that you can use a password with your private key, which means that an attacker would need your password as well as private key to steal your coins.

Caveat

Paper wallets could be seen as a somewhat crude approach for making cryptocurrencies such as Bitcoin easier to manage for the common person. Although they are simple and work well when managed properly, they are still just a piece of paper. Like anything made out of paper, your wallet can be damaged through water, tears, misplacement, sun damage, theft, and other accidents. Thus, the actual security of a paper wallet comes down to how you use them. Regardless, paper wallets still make for a viable method of cold storage for beginners as well as experienced users.

Storage devices like a USB drive are also used to keep the secret keys. Such devices are further kept in a safe or deposit box to make sure that they don’t fall into the wrong hands.

Hardware Wallets

Hardware wallets are now a favored method to secure coins in the physical world. Hardware wallets are small devices that are resistant to water and viruses, and can even be used with multi-signature transactions, where more than one person is needed to verify a trade. These wallets can be convenient, time saving devices for sending virtual currencies, and most come equipped with a micro device backup and QR code scanner. Some popular brands of hardware wallets are Pi-Wallet and Bitsafe.

Consumer hardware wallets plug into a free USB port on your computer and require your authorization for sending transactions. These devices come in a range of different prices, with something on offer for anyone who is interested in protecting their coins. This doesn’t mean that they are perfect, however. In order to access your account, you need to remember either a PIN code or other cryptographic key to make a transaction. Many people write this password down on a piece of paper and end up misplacing it (much like a paper wallet), or they lose access to their key entirely. In this sense, a hardware wallet could become an expensive liability if you are careless with its security.

Another method for storing large amounts of virtual tokens is named deep cold storage. This method for safekeeping was pioneered by a London-based company that offers the same security as a bank, except for Bitcoins. The service is insured through an underwriter, which means that one’s assets are guaranteed against the theft or loss of virtual assets. Getting this service isn’t always easy though, as proof of address and identity documents are required for opening account. The fees can also be prohibitively expensive unless you are storing a lot of coins. Custody Service by the company Epileptic Vault is one form of deep cold storage

Long-term Storage with Hardware Wallets

When it comes to storing your cryptocurrencies, a secure, long-term view is required. And with a hardware wallet, this is what makes the magic happen. Although the information that you are storing is encrypted and cryptographic by design, you also need to make sure that information is protected from thieves and hackers. The ability for to keep your Bitcoin or any other cryptocurrencies safe over a long time horizon is important, especially for those who are investing a lot of their money into these digital tokens.

Private Keys are Kept Secured

When you use a hardware wallet, you private key is stored separate from the other data on the device. This compartmentalization means that your sensitive data is stored in the device memory differently to your Bitcoin or other cryptocurrency. Therefore, it makes it nearly impossible for an attacker to gain access to your account without your knowledge or consent. This is what makes hardware wallets “intelligent” devices though its use of separate memory sectors.

Immunity to Viruses

Right now, there are criminals who are creating malware and other viruses that have the sole intention of robbing you of your Bitcoin. These viruses are spread through torrents, adult websites, and through phishing attacks. Some of this malicious software has even appeared in browser extensions, and have stolen people’s CPU cycles to mine cryptocurrencies.

Software wallets that are stored on your computer can become lucrative targets for hackers, knowing that a potential windfall is possible if they can get access to your account. The good thing about hardware wallet is that they are immune to these types of attacks. One brand of hardware wallet named Trezor, has built-in safeguards to prevent it from being infected, even if the computer system is compromised. This device is one of few consumer wallets to have this feature, making it a favored option among crypto enthusiasts.

Quick Access to Funds

Despite being secure and almost impenetrable, using a hardware wallet remains convenient and easy to use. After all, what is the point of using a wallet service if you are not able to use it for day to day transactions? But one thing to keep in mind is that no solution is 100% secure, as we will explore in the next section. Hardware wallets do have some flaws, and they might not be as safe as you might think.

Risks of Hardware Wallets

The good news is that there have been no known incidents of a person losing their Bitcoin from a faulty hardware wallet. Although these devices might be new and unfamiliar by most investors, they have so far maintained an excellent track record. This reliability is in stark contrast to the performance of some of the “hot” or online wallet services in the past, such as what happened at the Mt. Gox exchange where millions of dollars were siphoned from its user’s accounts.

However, it’s important to know that hardware wallets are still considered high value targets for thieves and even real-life robberies. The devices are not miracle solutions, and there are a few plausible ways that they could end up losing your entire portfolio. Establishing a risk profile of your hardware wallet is important as it determines how much trust to place with these devices, as well as what wallets are going to be best for your situation.

Below are just some of the ways that a hardware wallet could fail to protect your investments.

Malware on your computer

As we have discussed, although the hardware wallet itself may be immune to viruses and malware, the computer remains as a target that can be infected. One form of attack is through changing the destination address during the transaction is completed. For example, instead of sending your Bitcoin to a friend or company, the malware would swap the intended address to a hacker’s a moment before you click Send. This malware lays in wait for high value transactions and only surfaces before one is about to occur. For this reason, it’s important to consider using multi-factor authentication such as through SMS or by phone, especially if you are making high volume or value trades.

Random numbers that are not really random

In order to encrypt your Bitcoin, hardware wallets rely on what’s called a random number generator. This generator is used to create your private key. The problem is that actually creating a number that is truly random can be a big problem, as most of the algorithms used by these devices are termed “pseudo random” by cryptologists. High level RNG can get its base, or seed number from seemingly chaotic environments to create a unique string of numbers, such as from the noise from the Earth’s atmosphere. However, hardware wallets are not likely to be making use of this feature, and could end up creating predictable strings of numbers. Although they could look random, the numbers may have statistical weaknesses that can be exploited by an attacker to decode your private key.

Another theory is that since the only people buying hardware wallets are those who want to protect large amounts of cryptocurrencies, the company itself (or an intermediary) could intentionally weaken the RNG algorithm for a huge windfall. This malicious weakening would then create an opening for the company or attacker to access these coins later, with the knowledge that each account is probably hoarding a large amount of Bitcoin. And because cryptocurrencies are private and decentralized, they make for easy pickings when it comes to money laundering and actually getting away with the crime. It would be very hard to prove that either the company or someone else was responsible for the attack, even if customers had a strong suspicion.

Compromised production process

There are many points in the production process of a hardware wallet that could lead it to becoming insecure. Throughout its supply chain, from manufacturer, shipper, distributor, and even hostile government agents could install backdoors in these devices. While this may seem paranoid, each party would have a strong financial motivation to do so and there would be little recourse for investors if this were to occur.

So while hardware wallets might not be the silver bullets they sometimes claim to be, they are still useful devices. A good rule of thumb to follow is to only buy from the source company and never a second hand model, and only go with the brand names that have been around for long enough.

However, the best solution over all is to mix a cold storage solution with open source software. Open source, PGP certified code eliminates the possibility of tampering of backdoors at a software level, whilst a physical device reduces the chance of your coins from being hacked. The final step is to use a verifiable source of entropy for a cryptographically secure wallet overall. This trifecta may provide optimal security for most people, and is suitable for long-term savings for your investment.

Sound Wallets

Finally, sound wallets are a different way to store your Bitcoin and other tokens. It involves transforming your private keys into encrypted sound files in items such as CDs and vinyl records. The code from these sound records can be accessed using a spectroscope.

Natively, sound wallets use a BIP38 key encryption that transforms your private key into a sound file. When the file is played without the right tools to view the data, it will be heard as static. However, by using its included AndroSpectro app, the private key will become available.

The Bitcoin Sound Wallet was the impetus of a Bitcointalk user under the name krach. He stated that the wallet works the same as any other except in audio form. All a user needs to do is to send him a message requesting the form of wallet that a person would like encrypted. The options are vinyl, CD, or .wav format.

When the file is played, a burst is static is let out, which is really the private key. After the static has finished, there is then some gritty electro music that plays for a short while. The added track at the end masks the true nature of the sound file, with most people would consider it the same as any other techno sound file.

Storing private keys with a Sound Wallet

Like hardware and paper wallets, sound wallets permit the storage of private keys, except in what is perhaps the most creative way of all. Investors can keep the files stored away on their computers with little risk of the files being stolen. And with the vinyl records or CDS, they could even be hung on an investor’s walls without anyone ever knowing what is contained inside the music.

The only downside to using a sound wallet is that using one can be both challenging and expensive. It demands specialist hardware and knowledge of how to embed one’s private key into an innocuous sound file. The creator of the Sound Wallet attempted to overcome this limitation through a crowd funding campaign, but that unfortunately failed to get the required funding. However, the idea of the Sound Wallet lives on, as companies have caught wind of this idea and have created their own copycat solutions.

The Bottom Line

Although imperfect and at times unpredictable, the use of a hardware wallet is critical for anyone who is serious about protecting their digital assets. Some solutions like a paper wallet cost nothing except for the price of printing for them to be made, which eliminates the excuse of them costing too much or being too difficult to manage. While deep cold storage remains reserved for the most affluent of investors.

Careful understanding of your risk profile and how long you intend to store your coins will determine the kind of solution you go for when it comes to choosing a hardware wallet, and there are a lot of options to choose from today.